struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Beal <jbb...@gmail.com>
Subject Re: Sample Code for Desclarative Security in Struts
Date Mon, 09 May 2005 15:42:49 GMT
Solution 1: I don't believe there has to be any correlation between
your web-resource-collections in your security-constraints and your
servlet-mappings in web.xml.  It seems to be perfectly valid to map
*.do to ActionServlet (a single servlet-mapping) and have /admin/*.do
and /user/*.do handled by two different security constraints.

Solution 2: You also have the option (since Struts 1.1) to declare
your security inside of struts-config.xml.  The roles attribute of the
action element lists the set of roles that you are allowing to access
a particular action.

-- Jeff

On 5/8/05, alec <alec_lee@hotmail.com> wrote:
> Would there be any sample code showing how to use declarative security in
> Struts?  I guess this would be a bit tricky as there is only 1 web resource
> to protect (ActionServlet)
> 
> Appreciate any pointer.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
> 
>

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message